Analysis

  • max time kernel
    179s
  • max time network
    180s
  • platform
    android_x64
  • resource
    android-x64-20240611.1-en
  • resource tags

    android, arch:x64, arch:x86, image:android-x64-20240611.1-en, locale:en-us, os:android-10-x64, system
  • submitted
    14-06-2024 10:02

General

  • Target

    a919a52d914d17db6f1e951718e24232_JaffaCakes118.apk

  • Size

    4.5MB

  • MD5

    a919a52d914d17db6f1e951718e24232

  • SHA1

    038be5c21f7c28bbe0f6d57347923d1ac99481a9

  • SHA256

    a5a4890af6c8de34aaa7177907e0ea11595ffdfe8e873b44b04c849639c45afb

  • SHA512

    efdd9eb77a9a5f519925b72faa250554d0ead0265728ccccc438fe2da3b187be7110028f497bf9c364238e7216c75887531eaa142e92b43472e7c198e30bbc3e

  • SSDEEP

    98304:h6ulWfbap8Zupss4YPHCZFda5crNGXBqiO0bToXfBMj:h6Bup8ZUpVPHWrsANGXBq7AMPBMj

Malware Config

Signatures

  • Requests cell location 2 TTPs 1 IoCs

    Uses Android APIs to get the current cell location.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries the unique device ID (IMEI, MEID, IMSI) 1 TTPs
  • Reads information about phone network operator 1 TTPs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.sohomob.android.aeroplane_chess_battle_ludo_2
    1⤵
    • Requests cell location
    • Queries information about active data network
    • Registers a broadcast receiver at runtime (usually for listening for system events)
    PID:5135

Network

MITRE ATT&CK Matrix

Downloads

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads
    Filesize

    16KB

    MD5

    c6aaa4f863ecf344e5b2d8f089e2c8ab

    SHA1

    864dbd72dd750d017092af8043de00dc7b4ea492

    SHA256

    0a5c55867d3998b91573358e211750eeea4556bbb64ac7ec0bb23cb8bcb759f3

    SHA512

    c144a94c6030b59c7f987e9133c4fd48ca70fb683d248f1fa9ae2ac87cbe514a32107b44c454cfa1adb2210f67732cce76c1ae6cdf80df80aed560f9a497d191

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-journal
    Filesize

    512B

    MD5

    56e62dbd80a0e448758d969b579e95dc

    SHA1

    dc40265ed4f682dc575e487605debb379a13af07

    SHA256

    4c42ea944635d309765b4142c0a9d31d7bcf3f3ed879b732396f5d19cb6b58f8

    SHA512

    9f1cd0c34d362a09bcd2b644fbe3a8d288ea0e5e4c2eeecfebe2b6b4428ae0ba83eebcb494e803c549f340d718463ca75ccbdd1421ede70d035f325441ad34a3

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-journal
    Filesize

    8KB

    MD5

    febe9a535c9ed160252f4455f490d435

    SHA1

    3cbcaeadfa42bc103afa9c0094445192d3ec39a9

    SHA256

    19afdae1be04315b6c7d7c9bcc38d5a34380107624f02080e707fdfeaf041412

    SHA512

    a89e5b440bb2bf9c94d33bacff310d64ad8d3042c08d7d3365dd5a4b1bc8d2472d8426f9693d73107815886bc953eaef092a072e8d4f5fe751c55cbdaa1199e5

  • /data/data/com.sohomob.android.aeroplane_chess_battle_ludo_2/databases/downloads-journal
    Filesize

    8KB

    MD5

    b8939edbb504297e17a568cbff841ea8

    SHA1

    7fdf669ee0877111787d90b903c9b5a59f3b11a3

    SHA256

    02d49db6e205bb0bf4ae9f02c7aff983e8915f1a3e2531203d8c9b2e346b157f

    SHA512

    8ca931efe39800f66b9e18ac4677891da9e0fdfa729eb4b64fbb988868291dde10fbb228ddccafd2da0cc18736ae8f06c33321d077b3d4008a817a1480f81460